elif self.offset == other.offset:
return 0
else:
return 1
def __str__(self):
return "===\nName: %s\nOff: %x" % (self.name, self.offset)
if __name__ == "__main__":
if len(sys.argv) < 3:
print "Usage: symbol2h.py in.pdb out"
sys.exit(1)
# load and parse pdb file
pdb = pdbparse.parse(sys.argv[1])
sects = Sections.parse(pdb.streams[10].data)
gsyms = pdb.streams[pdb.streams[3].gsym_file]
omap = OMAP_ENTRIES.parse(pdb.streams[12].data)
# list to store Symbol objs
syms = []
i = 0
remapped = 0
# parse symbols
for sym in gsyms.globals:
off = sym.offset
try:
# let's remove some useless stuff
if('?' in sym.name): continue
if('@' == sym.name[0]): continue
if(sym.name.startswith("__imp__")):
sym.name = sym.name[7:]
def cstring(str):
return str.split('\0')[0]
parser = OptionParser()
parser.add_option("-n", "--no-omap",
action="store_false", dest="omap", default=True,
help="don't try to make use of OMAP information")
(opts, args) = parser.parse_args()
if len(args) != 3:
parser.error("Need filename, base address, and first section offset")
pdb = pdbparse.parse(args[0])
imgbase = int(args[1], 0)
secbase = int(args[2], 0)
sects = Sections.parse(pdb.streams[secbase].data)
gsyms = pdb.streams[pdb.streams[3].gsym_file]
if opts.omap:
omap = Omap(pdb.streams[secbase+2].data)
else:
class Dummy: pass
omap = Dummy()
omap.remap = lambda x: x
for sym in gsyms.globals:
try:
off = sym.offset
virt_base = sects[sym.segment-1].VirtualAddress
nm = cstring(sects[sym.segment-1].Name)
print "%s,%#x,%d,%s" % (sym.name,imgbase+omap.remap(off+virt_base),sym.symtype,nm)
names = [
SyscallTable("KiServiceTable", "KiServiceLimit", "KiArgumentTable"),
SyscallTable("W32pServiceTable", "W32pServiceLimit", "W32pArgumentTable"),
]
addrs = [SyscallTable(0, 0, 0), SyscallTable(0, 0, 0)]
values = [SyscallTable(0, 0, 0), SyscallTable(0, 0, 0)]
if len(sys.argv) != 3:
print >> sys.stderr, "usage: %s <exe> <pdb>" % sys.argv[0]
sys.exit(1)
pe = PE(sys.argv[1])
pdb = pdbparse.parse(sys.argv[2])
sects = Sections.parse(pdb.streams[10].data)
orig_sects = Sections.parse(pdb.streams[13].data)
gsyms = pdb.streams[pdb.streams[3].gsym_file]
omap = Omap(pdb.streams[12].data)
omap_rev = Omap(pdb.streams[11].data)
print gsyms.globals
for tbl, addr in zip(names, addrs):
for sym in gsyms.globals:
try:
virt_base = sects[sym.segment - 1].VirtualAddress
except IndexError:
continue
off = sym.offset
return 0
else:
return 1
def __str__(self):
return "===\nName: %s\nOff: %x" % (self.name, self.offset)
if __name__ == "__main__":
if len(sys.argv) < 3:
print "Usage: symbol2h.py in.pdb out"
sys.exit(1)
# load and parse pdb file
pdb = pdbparse.parse(sys.argv[1])
sects = Sections.parse(pdb.streams[10].data)
gsyms = pdb.streams[pdb.streams[3].gsym_file]
omap = OMAP_ENTRIES.parse(pdb.streams[12].data)
# list to store Symbol objs
syms = []
i = 0
remapped = 0
# parse symbols
for sym in gsyms.globals:
off = sym.offset
try:
# let's remove some useless stuff
if ('?' in sym.name): continue
if ('@' == sym.name[0]): continue
if (sym.name.startswith("__imp__")):
sym.name = sym.name[7:]
mods = [ (sys.argv[i],sys.argv[i+1],int(sys.argv[i+2])) for i in range(1,len(sys.argv)-2,3) ]
addrs = {}
# Set this to the first PDB section that contains section headers
# Common bases:
# ntdll: 8
# ntoskrnl: 10
# BASE =
for pdbname,basestr,BASE in mods:
pdbbase = os.path.basename(pdbname).split('.')[0]
print "Loading symbols for %s..." % pdbbase
pdb = pdbparse.parse(pdbname)
base = int(basestr,0)
sects = Sections.parse(pdb.streams[BASE].data)
orig_sects = Sections.parse(pdb.streams[BASE+3].data)
gsyms = pdb.streams[pdb.streams[3].gsym_file]
omap = Omap(pdb.streams[BASE+2].data)
omap_rev = Omap(pdb.streams[BASE+1].data)
last_sect = max(sects, key=attrgetter('VirtualAddress'))
limit = base + last_sect.VirtualAddress + last_sect.Misc.VirtualSize
addrs[base,limit] = {}
addrs[base,limit]['name'] = pdbbase
addrs[base,limit]['addrs'] = []
for sym in gsyms.globals:
off = sym.offset
try:
virt_base = sects[sym.segment-1].VirtualAddress